package com.wl.shixun3.controller;

import com.wl.shixun3.service.UserService;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * 修改密码控制器（已登录用户）
 */
@WebServlet("/shixun3/changePassword")
public class ChangePasswordController extends HttpServlet {
    private UserService userService;

    @Override
    public void init() throws ServletException {
        userService = new UserService();
    }

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // 检查用户是否已登录
        HttpSession session = request.getSession(false);
        if (session == null || session.getAttribute("username") == null) {
            response.sendRedirect(request.getContextPath() + "/shixun3/login.jsp");
            return;
        }
        
        // 转发到修改密码页面
        request.getRequestDispatcher("/shixun3/changePassword.jsp").forward(request, response);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // 设置编码
        request.setCharacterEncoding("UTF-8");
        response.setCharacterEncoding("UTF-8");
        response.setContentType("text/html; charset=UTF-8");

        // 检查用户是否已登录
        HttpSession session = request.getSession(false);
        if (session == null || session.getAttribute("username") == null) {
            response.sendRedirect(request.getContextPath() + "/shixun3/login.jsp");
            return;
        }

        String username = (String) session.getAttribute("username");
        
        // 获取表单参数
        String oldPassword = request.getParameter("oldPassword");
        String newPassword = request.getParameter("newPassword");
        String confirmPassword = request.getParameter("confirmPassword");

        // 参数验证
        if (oldPassword == null || oldPassword.trim().isEmpty() ||
            newPassword == null || newPassword.trim().isEmpty() ||
            confirmPassword == null || confirmPassword.trim().isEmpty()) {
            request.setAttribute("errorMessage", "所有字段都不能为空！");
            request.getRequestDispatcher("/shixun3/changePassword.jsp").forward(request, response);
            return;
        }

        // 验证新密码和确认密码是否一致
        if (!newPassword.equals(confirmPassword)) {
            request.setAttribute("errorMessage", "两次输入的新密码不一致！");
            request.getRequestDispatcher("/shixun3/changePassword.jsp").forward(request, response);
            return;
        }

        // 验证旧密码并更新密码
        boolean success = userService.changePassword(username, oldPassword, newPassword);
        
        if (success) {
            request.setAttribute("successMessage", "密码修改成功！请使用新密码重新登录。");
            // 清除当前会话
            session.invalidate();
            request.getRequestDispatcher("/shixun3/changePasswordSuccess.jsp").forward(request, response);
        } else {
            request.setAttribute("errorMessage", "旧密码错误或修改失败！");
            request.getRequestDispatcher("/shixun3/changePassword.jsp").forward(request, response);
        }
    }
}

